?
Solved

Upgrading Active Directory from Server 2000 to SBS 2003?

Posted on 2010-04-05
16
Medium Priority
?
430 Views
Last Modified: 2013-12-05
Hello EEs,

Greetings,

Currently we are using the following server & clients:-


1. Windows Back office Server 2000 = Installed with AD + DNS + Print Server
2. Windows SBS 2003 = installed with AD + DNS + Exchange 2003 (WITH IN THE SAME DOMAIN BUT SEPARATELY IN DIFFERENT BOX)
3. Windows Backoffice Server 2000 installed with SQL Server (In other box)
4. Windows Backoffice Server 2000 installed with Anti-Virus Server (Trend Micro) (again in other box)

Windows Back office server 2000 is our main DC for domain authentication for domain users & 2003 SBS is used to authenticate outlook.

Now due to so many issues we want to upgrade our domain & we want our main DC as SBS 2003 with Exchange Server 2003.

We have 50 XP Pro users in our domain.

Now is it possible i can install & make it a DC with existing Exchange server & can remove
MS Backoffice Server 2000 from my network with the existing license in a different box.

Will i need to buy CALs for my 50 XP users, 50 outlook users & 25 SQL users?

Kindly advice what all difficulties i will have to face with the appropriate solution,

An earlier reply will be appreciated,

Many thanks,

DXB


0
Comment
Question by:dxbdxb2009
  • 7
  • 5
  • 2
  • +1
15 Comments
 
LVL 9

Expert Comment

by:dmessman
ID: 29794090
I'm not quite sure I understand.  You're saying that your SBS 2003 box is in the domain - and it handles Exchange - so it's already a domain controller - which seems to be the crux of your question.

The concept of primary and backup domain controllers doesn't exist in the post WIndows 2000 era.  You're either a domain controller or you're not.  There is a concept of being the master for a set of roles - which your SBS 2003 box should be, but may not be if it was not the first box in the domain - which it sounds like it wasn't.  

From what it sounds like if you took your Backoffice 2000 boxes offline, your domain would continue functioning just fine - since SBS presumably has the correct number of SBS licenses and it already handles domain authentication.  

Regarding licensing, there are licenses for the workstations (XP licenses) and server licenses (client access licenses - CALs).  You already have the workstation licenses set up properly (presumably) on your workstations.  You need CALs for your SBS 2003 box, but it sounds like you already have everything you need if Exchange is working properly right now.

Regarding SQL, that's a little out of my area of expertise, but do you have SBS 2003 Premium - which has SQL Server included?  If not, you'll need to maintain a separate box for your SQL servicing needs.  And if it's a newer version than the 2000 SQL you have now, you'll need new SQL CALs for that new box.  Or you can keep your 2000 SQL box if it suits your needs.
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 29906653
In order to get to where you are proposing, you have to introduce a whole New Server, which will run SBS 2003 including Exchange 2003   The following link explains how to introduce and install SBS 2003 into an existing Active Directory environment  http://support.microsoft.com/kb/884453    You would need to purchase 50 SBS 2003 Cals.   This included Outlook CALs.  
You may also want to consider contacting sbsmigration.com for assistance.  They have documentation and tools available for many different types of scenarios
Lastly I have to ask, why would you consider upgrading to a a product that is 7 years old and nearly at end of life.   If you're going to spend the money for all this effort, you should be moving to SBS 2008
0
 

Author Comment

by:dxbdxb2009
ID: 30298842
Thanks dmessman for your reply,

I apologize for reply you late.

Yes dmessman you are right, my sbs 2003 is not the first dc in my network, my network had 2k dc + 2k dc with exchange 2k installed in other box then due to some probs 2k exchange was replaced by sbs 2k3.

I disagree that after removing 2k box how my domain user will be authenticated, i can understand that mail flow will work well but what about domain users authentication?

if sbs 2k3 is authenticating to my domain users i have not installed 50 CALs in my sbs 2k3 DC then how the users can be authenticated.....am i presuming right?

Yes, I have purchased already xp license i.e. OEM (not paper license) but since 2k does not require CALs for connecting the xp users to DC thus it was not purchased yet,
as i know exchange sbs 2k3 doesnot require CALs setup only for exchange(outlook)users...am i right?

NO i dont have sbs 2k3 premium (it is standard), we are running sql 2k based.

regards to upgrade to 2k3 which all license i need to buy or can i use the same sbs 2k3 standard lincese to install new box with 2k3 to make it PDC so existing 2k3 exchange should work as it is working now without intrupting too much to my network.

Kindly adivce for the same.

------------------------------------------------------------------------------------------------------

Thanks CrisHanna_MVP for joining the me & sorry for replying you late.

thaks for the KB link let me go through it, & bythe way do i need to buy the separate license to installing new box to make new PDC or can i use my existing sbs 2k3 standard version?

I also have advice for 2k8 to my management since we might get 2010 in next months thus i agree to be with the 2k8.

But till the time kindly advice for 2k3 so I can make sure abt ek3 atleaset.

Awaiting for your valuable replies,

Many thanks,

DXB
0
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

 
LVL 35

Accepted Solution

by:
Cris Hanna earned 2000 total points
ID: 30310723
Have gone back and re-read your original post.
There is NO WAY your SBS server is not the "main" DC in your environment.   It will not function if it is not the "First Server" in the AD Forest and AD Domain and holding all the FSMO rolls.
If you have done things with the SBS 2003 to make it function in any other way, it is in a technologically unsupported configuration AND it would be in violation of it's licensing.
Now that you're talking about Exchange 2010, you need to either abandon using SBS in your domain because there is NO version of SBS which will support the use of Exchange 2010 in the domain, OR wait until the next version of SBS comes out and migrate to that as it will most likely contain Exchange 2010
 
0
 
LVL 9

Expert Comment

by:dmessman
ID: 30328844
Back to my original point, your SBS 2003 box is a domain controller already.  You can take the 2000 boxes offline and still authenticate users on the domain.  

I would personally eliminate all unnecessary servers - and then you can figure out your options.  If you have the budget, SBS 2008 is a good option and has a relatively easy upgrade path from SBS 2003.  However, SBS 2003 is also a good product if set up properly.

Looking at your original question, you already have everything you want.  I can't tell if you're saying that your SBS 2003 box already handles email.  But if so, you're already where you want to be.  You can eliminate your 2000 servers and be ok.
0
 

Author Comment

by:dxbdxb2009
ID: 30719873

First of all sorry to all of you for replying you late, since i was on sick leave.

Thanks CrisHanna_MVP for your reply,

I am telling you that sbs 2k3 dc is not our first dc in our network, we were running back office 2k network after that we put sbs 2k3 as a exchange server...believe me....Yes regards to role i am not sure.

regards to licensing our domain users are not authenticated by sbs 2k3 & in 2k environmental i think no CALs are required.......am i right?
Yes when we upgrade our dc i need to buy CAL for that i am asking the process & license requirement as posted in my earlier post.
Hope to get the process in your next post.

----------------------------------------------------------------------------------

Thanks dmessman for your post

If i take out my 2k dc out from my network will my xp users need CALs to connect to dc 2k3 sbs & will log in to 2k3 sbs to be consider as a mail dc or not?

kindly reconfirm can i remove my 2k dc & can use sbs 2k3 as my mail dc for all users to login my dc

awaiting for your earlier reply,

many thank,

dxb








0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 30728401
First question, is your SBS Server a Domain Controller at all?   You can run DCDIAG from the SBS Server to determine that?
0
 

Author Comment

by:dxbdxb2009
ID: 30746898
As i discribed in my earlier post, i have  2 dc for my single domain, (i) 2k back office server (ii) dc + exchange server sbs 2k3

regards to DCDIAG, tomorrow morning i will run it on both dc & will post the result to you.

many thanks for joining me.

dxb
0
 

Author Comment

by:dxbdxb2009
ID: 31035291
Any updatesssssssssssssssssssssssssssssssssssssss
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 31035658
we're still waiting for the results of running DCDiag
0
 

Author Comment

by:dxbdxb2009
ID: 32573539
Sorry CrisHanna_MVP for replying you late since i was fully intanglled with some other probs.

Kind find the attached DCDiag report i run on my 2003 Server. Pls note i can not run DCDiag on Windows 2000 server the command was not recognized.

Hope to get help from you soon,

awaiting for your earlier reply,

Many thanks

dxb

DCDIAG-SERVER.txt
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 32594741
ok..that looks fine  Now on the  SBS Server, follow this article to determine who holds the FSMO roles  http://www.petri.co.il/determining_fsmo_role_holders.htm
 
0
 

Author Comment

by:dxbdxb2009
ID: 32796783
Many thanks CrisHanna MVP for being with me.

I am really very sorry for replying you late since i was on sick leave for last few days & joined today.

I have seen the FSMO status of the SBS server which is installed with Exchange 2k3 & have taken only

the snaps of FSMO, i did not checked the schema...pls advice if i need to do.

Pls fine the attached snap of the SBS server status & advice.

many thanks,

awaiting for your earlier reply,

dxb
operational-master.JPG
RID-PDC-INFRO.JPG
0
 

Author Comment

by:dxbdxb2009
ID: 32979403
I request for the reply but till now did not received any update.
Shell i need to close it without getting answer?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 32979429
Which part of your question was not answered?
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

588 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question